[Date Prev][Date Next]
Re: OpenLDAP 2.0 gamma and objectClass
> > (objectclass=posixAccount) ---- also finds zero entries
> This is correct (unless you defined posixAccount by including
> nis.schema... which, due to lack of two syntax validators, you
> cannot). Note that equality matching for objectClass is done
> by OID. If the assertion string cannot be normalized to an OID,
> the assertion is Undefined.
I did include nis.schema. Since authentication was my main concern I just
removed everything requiring those syntax validators.
> > (objectclass=ou) --- zero entries again
> Unless you've extended schema, this is correct. There is
> no 'ou' objectclass. Use 'organizationalUnit' instead.
On double checking I see 'ou' is just an attribute type... oops. I guess
that does make sense than.
> > (uid=ad*) ---- finds uid=adean,dc=mycompany,dc=com
> >This isn't normal is it?
> Normal would be have 'schemacheck on'... which would cause
> appropriate errors to be returned when adding these entries.
schemacheck is on.
posixAccount is a valid objectclass so "(objectclass=posixAcount)" should
work. Or is there something else.